# yamllint disable rule:comments-indentation
---
server:
  host: 0.0.0.0
  port: 9091
  read_buffer_size: 4096
  write_buffer_size: 4096
  path: "authelia"
# ENV: log_level: debug
#jwt_secret: somethingsomethingrandomrecret567890765434567
default_redirection_url: https://authelia   # NOENV
  #duo_api:
  #  hostname: api-somenumber.duosecurity.com
  #  integration_key: SOMESECRETKEY
  #  secret_key: somelongersecretkey
authentication_backend:
  password_reset:
    disable: false
    custom_url: "https://users.auth.barbu-it.net" # NOENV

access_control:
  default_policy: one_factor
  #  default_policy: deny
  #  rules:
  #
  #    - domain: auth.barbu-it.com
  #      policy: bypass
  #
  #    # Admin domains
  #    - domain:
  #      - admin.barbu-it.net
  #      - "*.admin.barbu-it.net"
  #      policy: one_factor
  #      subject:
  #        - ['group:admin-it', 'group:admins']
  #
  #    # Employees domains
  #    - domain:
  #      - dolibarr.lan.barbu-it.net
  #      #- hr.barbu-it.com
  #      #- "*.hr.barbu-it.com"
  #      policy: one_factor
  #      subject:
  #        - ['group:admin-hr', 'group:admins']
  #
  #    - domain:
  #      - users.auth.barbu-it.net
  #      policy: one_factor
  #      subject:
  #        - ['group:employees', 'group:admins']
  #
  #    # Legacyyy
  #    - domain:
  #      - librespeed.lan.barbu-it.net
  #      policy: bypass
  #
  #    - domain:
  #      #- lan.barbu-it.net
  #      #- "*.lan.barbu-it.net"
  #      #- "*.lan.barbu-it.com"
  #      - "*.authelia.lan.barbu-it.net"
  #        #- "*.barbu-it.net"
  #        #- "*.barbu-it.com"
  #      policy: one_factor
  #        #policy: two_factor,bypass,deny
session:
  name: authelia_session
  #ENV secret: somerandomsecret
  expiration: 1h
  inactivity: 5m
  remember_me_duration: 1M
  # ENV domain: lan.barbu-it.net
regulation:
  max_retries: 3
  find_time: 2m
  ban_time: 5m
storage:
  #ENV encryption_key:  687347boweubycrq84vr984olvtbue9y8tyenvurley8tvbet90ewtve-0t9ve
  local:
    path: /config/db.sqlite3
notifier:
  filesystem:
    filename: /config/notification.txt

      #notifier:
      #  disable_startup_check: false
      #  smtp:
      #    username: myemail@gmail.com
      #    password: longpassword
      #    host: smtp.gmail.com
      #    port: 587
      #    sender: myemail@gmail.com
      #    subject: "[Authelia] {title}"
      #    startup_check_address: test@authelia.com
      #      #trusted_cert: ""
      #      #disable_require_tls: false
      #      #disable_verify_cert: false
      #